The university where I work uses DHCP for the vast majority of our IP addressing needs. Workstations and the like.

However for servers we obviously use static IP addresses. The current method to figure out if an IP address is available works like this.

Guess an IP in the data center range, or look for one that doesn't show on the spreadsheet created nightly from the managed switch

ping it if it responds go back to step 1 if not procede to step 3

nslookup on it and see if anyone else has named it

About 90% of the time this works fine, but it is labor intensive, and not perfect. Given 10 administrators and about 300 servers in the main data center, and another 50 or so servers in our secondary data center, it seems like there should be a solution.

For static IP addresses (printers, MFDs, the occasional workstation) in the workstation ranges Client Services uses ipplan. It seems to be missing a few things we'd like: logging of who claimed IPs; multiple logins, preferably with LDAP so we can use existing accounts; a user interface simple enough that when you have to use it only a half dozen times a year it is still easy.

How do you manage your Data Center IP addressing? Do you track it? Is there "the IP address guy"? A paper list on the wall? Some variant on what we're doing with the poke til you find one?

I started using ipplan about 6 months ago and I love it. Sure it's missing some key features (auditing would be very nice), but it is soooo much better than keeping a spreadsheet.
–
Russ WarrenJul 13 '09 at 16:55

I'd suggest opennetadmin.com. It will manage DNS and DHCP for both static and pool ranges. It supports LDAP logins for multiple users/groups. When adding new IP addresses you get a quick tool that shows what IPs are available on a subnet to select from. It also has a visualization map of your IP space to see how things are allocated and used. There is a plugin system for extending its functionality as well.
–
Matt PApr 13 '11 at 20:28

9 Answers
9

We use a copy of dokuwiki, with a page for each used subnet. Whenever anything is commissioned, it's updated, althought we're small enough that if it's not updated for something, we can probably work out who did it.

What sort of information do you keep on your wiki page? We already have a wiki running for a lot of our documentation, so getting participation from the team might be easier.
–
Laura ThomasJul 13 '09 at 18:35

We set up a table for each subnet with IP address, machine name, MAC address, and IP address.
–
CianJul 13 '09 at 18:38

Data Center IP addressing... We have a small, 8-10 address DHCP scope with a really low lease time on our data-center subnets. This allows us to get a system set up (as far as we can with a dynamic IP anyway) and then request a real address from the DNS guys. The DNS guys do all the tracking of who requested what for what.

If that DHCP scope ever fills (so far it hasn't but it could happen) it's time to hunt up the other admins and see what those servers are doing on the temp address like that. It helps that the DHCP server is not run by the DNS guys, so we can look up leases ourselves.

There really isn't anything wrong with using DHCP on a server IP address. But for simplicity sake you can always just keep an excel spreadsheet of your subnets, the IP, server name, location, and which switch/port it is plugged into.

You can track all your static public IPs, your DHCP reservations, ensure that certain IPs are always available in a subnet for things like IPS/Router/Firewall/printer.

Maybe my coworkers and I just like to keep it simple by using a spreadsheet in a shared folder.

"There really isn't anything wrong with using DHCP on a server IP address." Disagree. Couple reasons: 1. If you have an outage and servers are booting up, you now have a dependency situation where the DHCP server must be up before other servers; else you have a race condition. 2. If DHCP is down, servers can't get an IP. 3. While minimal, you cause your server to take longer to boot up.
–
KiloJul 13 '09 at 17:27

If you have an outage to the point that all your DHCP servers and other servers have lost all power you have larger issues than IP management.
–
sparksJul 13 '09 at 18:21

I use DHCP for my servers as well, with static allocations based on MAC addresses, then when we need to make changes or quickly lookup a server's IP we just go into our firewall / router's configuration. Saved having to change DNS server options on 40+ Virtual Machines when we rearranged our infrastructure a while ago.

DNS. We register all assigned IPs in our DNS server. If the address is listed there, it is taken. If it isn't, I still ping just to be sure someone didn't assign one and forget to register it (could happen with any scheme), but then I assign it and enter the information in DNS.

I don't use DHCP reservations because that requires DHCP to be operational for our statically assigned services to operate.

I use the DHCP configuration file (ISC dhcpd.conf or the Microsoft DHCP server database) as "the spreadsheet". Spreadsheets fall out of data and are notoriously inaccurate in networks of any size. I allow new devices to pull addresses and then fix them down with reservations later. If I were working in networks large enough to need dedicated "DHCP guys" I'd still follow the same strategy. I'd push out automated exports (probably web-based) of the configuration in such cases so that the groups who don't administer DHCP can still see what the configurations look like.

All statically assigned devices (of which I try and keep as few as possible) are depicted as reservations (with a note indicating that they're really static assignments). All devices that can obtain DHCP do, and those devices that need to "appear" as static addresses are reserved.

I take the opposite stance as Kevin Kuphal-- I use DHCP reservations for nearly everything possible (I've had to renumber too many networks too many times). DHCP is an important infrastructure service-- as important as DNS or even basic IP routing-- and I use it extensively and make sure that I have a failover plan in place in case I lose my DHCP server.

I wouldn't bother documenting servers that were pulling IPs from the DHCP pool without reservations. Just use DNS. Agreed 100% on using DHCP everywhere you possibly can, it just makes life easier.
–
sparksJul 13 '09 at 17:07

DHCP and automatic DNS registration might work for our Windows boxes, but we're a very mixed evnironment with Solaris, Linux, and OSX. Not to mention a handful of grumpy legacy apps that want static IPs in places.
–
Laura ThomasJul 13 '09 at 18:24

1

For those "truly static" items, I still document them as DHCP reservations even if the device won't actually ever come ask for the reservation. That accomplishes a two-fold goal-- it gets that IP out of a potential assignment scenario by the DHCP server, and it documents the use of that IP for my future reference.
–
Evan AndersonJul 13 '09 at 18:40

You need an authoritative reference of IPs allocated. We use DNS. (Well actually we have a custom-rolled perl script that converts an authoritative text file into DNS and NIS-hosts entries. If the system is described with an ethernet address too, it gets a DHCP-reservation on its static IP too.)

I generally don't like DHCP for servers and server-management because I've hit too many scenarios where the server or BMC which requires a DHCP lease asks for it only once, at boot time, and my DHCP server isn't up yet.

I think you will find that a lot of people simply use spreadsheets to track address assignments.

Personally, I'm trying to convince people to start using DHCP for servers with either static assignments or long lease times. This way your DHCP servers become your one stop IP address database. This is a foreign concept to a lot of server guys though who want to be sure that there is no chance that a server's IP address could change unintentionally. Either way, your servers should also be in DNS and any connections to them should be by FQDN.

We're small enough that we use the spreadsheet method - there are only 3 of us that work on the servers and networks, so we do keep it up to date.

But one of our "when we have time" projects is to switch to using DHCP reservations for everything that needs a static address. We do this for most of our printers now, and it's saved a lot of hassle recently. All the secretaries and executive assistants have networked printers and there's been a lot of reorganizing recently. With DHCP reservations, when people have swapped departments, we "swap" their printer IPs in DHCP and tell them to power-off/power-on their printers.